include_once 'includes/config.php';
if (isset($_SESSION["is_auth"])) {
header('location: lecke.php');
exit;
}
if (isset($_POST['login-submit'])) {
if (!empty($_POST['username']) && !empty($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$userId = db_getUserId($username, null, null);
$cardIsActive = db_testCardValidation($userId, null, null, null);
$userFirstName = db_getUserFirstName($username, null, null);
$userLastLogin = db_getUserLastLogin($username, null, null);
db_updateLastLogin(null, $username, null, null);
$timeWindowName = db_getUserTimeWindow(null, $username, null, null);
$hash = db_getUserHash($userId, $username, null, null);
if ($userId && $hash) {
if (password_verify($password, $hash)) {
if ($cardIsActive) {
$_SESSION['is_auth'] = true;
$_SESSION['userId'] = $userId;
$_SESSION['userFirstName'] = $userFirstName;
$_SESSION['userLastLogin'] = $userLastLogin;
$_SESSION['timeWindowName'] = $timeWindowName;
if (isset($_POST['remember_me'])) {
storeNewAuthToken($userId);
}
header('location: lecke.php');
exit;
} else {
$message = "A kártya (már) nem aktív!";
$validate['passw'] = preg_match("/[^\"'\\{\\}\\[\\]\\(\\)]{6,20}\$/", $passw_uj);
} else {
$passw_uj = null;
}
if (!empty($_POST['new_passw_re'])) {
$passw_uj_re = test_input($_POST['new_passw_re']);
$validate['passw_re'] = preg_match("/[^\"'\\{\\}\\[\\]\\(\\)]{6,20}\$/", $passw_uj_re);
} else {
$passw_uj_re = null;
}
if ($userEmail != $userEmail_uj || $varos != $varos_uj || $userName != $userName_uj || $telefon != $telefon_uj || $varosresz != $varosresz_uj || isset($passw_uj)) {
$valtozas = true;
} else {
$valtozas = false;
}
$hash = db_getUserHash($userId, null, null, null);
if ($hash && !in_array(false, $validate) && $valtozas) {
if (password_verify($passw_regi, $hash)) {
$username_ok = true;
if ($userName_uj != $userName) {
if (db_getUserId($userName_uj, null, null) !== FALSE) {
$username_ok = false;
}
}
if ($username_ok) {
if (isset($passw_uj)) {
if ($passw_uj == $passw_uj_re) {
$hash = password_hash($passw_uj, PASSWORD_BCRYPT, ['cost' => 10]);
} else {
$msg = "Új jelszó és Új jelszó ismét mezők nem egyeznek!";
}
<?php
include_once 'includes/config.php';
if (isset($_SESSION["admin_is_auth"])) {
header('location: admin.php');
exit;
}
if (isset($_POST['login-submit'])) {
if (!empty($_POST['username']) && !empty($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$userId = db_getUserId($username);
$hash = db_getUserHash($userId, $username);
if ($userId && $hash) {
if (password_verify($password, $hash)) {
$_SESSION['admin_is_auth'] = true;
$_SESSION['admin_userId'] = $userId;
header('location: admin.php');
exit;
} else {
$message = "Hibás felhasználónév vagy jelszó!";
}
} else {
$message = "Hibás felhasználónév vagy jelszó!";
}
} else {
$message = "Kérjük, írja be felhasználónevét és jelszavát!";
}
}
?>
<!DOCTYPE html>
